1. Field of Disclosure
The disclosure generally relates to the field of computer security, in particular to detecting malicious software applications on mobile devices.
2. Description of the Related Art
A wide variety of malicious software (malware) can attack modern computers. Malware threats include computer viruses, worms, Trojan horse programs, spyware, adware, crimeware, and phishing websites. Malicious entities sometimes attack servers that store sensitive or confidential data that can be used to the malicious entity's own advantage. Similarly, other computers, including home computers, must be constantly protected from malicious software that can be transmitted when a user communicates with others via electronic mail, when a user downloads new programs or program updates, and in many other situations. The different options and methods available to malicious entities for attack on a computer are numerous.
Conventional techniques for detecting malware on personal computers, such as signature string scanning, are proven to be ineffective for detecting malware on mobile devices such as mobile phones. Because the mobile devices typically have limited computing capacity, resource-demanding malware detection techniques such as virtual execution and sandboxing cannot be applied in the mobile devices. Similarly, because of their resource limitations, collecting virus samples is also difficult on mobile devices, making fingerprint-based malware detection techniques unreliable for detecting malware on mobile devices. In addition, because fingerprint-based malware detection techniques rely upon predefined fingerprints of known threads, they cannot detect unknown threads. Accordingly, there is a need for new techniques that can detect malware on mobile devices.